Fixes XSS vulnerabilities #6831

Merged
merged 7 commits into from Mar 19, 2019
Janky fix for Select2 bug
snipe committed Mar 19, 2019
commit 5848d9a10c7d62c73ff6a3858edfae96a429402a
13 changes: 12 additions & 1 deletion resources/assets/js/snipeit.js
Expand Up @@ -260,7 +260,18 @@ $(document).ready(function () {
}

function formatDataSelection (datalist) {
return datalist.text;
// This a heinous workaround for a known bug in Select2.
// Without this, the rich selectlists are vulnerable to XSS.
// Many thanks to @uberbrady for this fix. It ain't pretty,
// but it resolves the issue until Select2 addresses it on their end.
//
// Bug was reported in 2016 :{
// https://github.com/select2/select2/issues/4587

return datalist.text.replace(/>/g, '>')
.replace(/</g, '&lt;')
.replace(/"/g, '&quot;')
.replace(/'/g, '&#039;');
}

// This handles the radio button selectors for the checkout-to-foo options
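Review bot: the first replacement in the new `formatDataSelection` body, `.replace(/>/g, '>')`, substitutes `>` for itself, so a `>` in `datalist.text` is never escaped while `<`, `"` and `'` are; the replacement string should be `'&gt;'`. Because the intent is HTML-escaping, `&` should also be escaped, and it should be done first (`.replace(/&/g, '&amp;')` before the other four), otherwise a bare `&` in the text is left raw and an entity already present in the text (for example a literal `&lt;`) becomes indistinguishable from one this function produced. The old line `return datalist.text;` tolerated an entry without a `text` property, whereas the new chain throws a TypeError the moment `datalist.text` is undefined, so a guard such as `if (!datalist.text) return datalist.text;` ahead of the chain would keep that behaviour. Minor: the comment reads "This a heinous workaround" and is missing "is".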